Add honeypot spam protection to body update form

Intercepts the request and redirects to the homepage if the comment field is filled in on the public body update form.
author: Gareth Rees <gareth@mysociety.org> 2014-08-19 09:29:54 +0100
committer: Gareth Rees <gareth@mysociety.org> 2014-08-21 11:36:20 +0100
commit: 64a1f148fedcf375a47f959edbdd4cab0170acea (patch)
tree: 92f56b66317d9549cabf06fd6bc09c7736ebee6c /spec/controllers
parent: a4d343096231d62e8d91a1b23ba9e1997e9136c0 (diff)
1 files changed, 16 insertions, 2 deletions
diff --git a/spec/controllers/public_body_change_requests_controller_spec.rb b/spec/controllers/public_body_change_requests_controller_spec.rb
index 7b878b893..8fe7befeb 100644
--- a/spec/controllers/public_body_change_requests_controller_spec.rb
+++ b/spec/controllers/public_body_change_requests_controller_spec.rb
@@ -22,7 +22,8 @@ describe PublicBodyChangeRequestsController, "creating a change request" do
                                      :public_body_name => 'New Body',
                                      :public_body_email => 'new_body@example.com',
                                      :notes => 'Please',
-                                     :source => 'http://www.example.com'}
+                                     :source => 'http://www.example.com',
+                                     :comment => '' }
         end
 
         it "should send an email to the site contact address" do
@@ -51,6 +52,18 @@ describe PublicBodyChangeRequestsController, "creating a change request" do
             response.should redirect_to frontpage_url
         end
 
+        it 'has rudimentary spam protection' do
+            spam_request_params = @change_request_params.merge({ :comment => 'I AM A SPAMBOT' })
+
+            post :create, { :public_body_change_request => spam_request_params }
+
+            response.should redirect_to(frontpage_path)
+
+            deliveries = ActionMailer::Base.deliveries
+            deliveries.size.should == 0
+            deliveries.clear
+        end
+
     end
 
     context 'when handling a request for an update to an existing authority' do
@@ -64,7 +77,8 @@ describe PublicBodyChangeRequestsController, "creating a change request" do
                                      :public_body_id => @public_body.id,
                                      :public_body_email => 'new_body@example.com',
                                      :notes => 'Please',
-                                     :source => 'http://www.example.com'}
+                                     :source => 'http://www.example.com',
+                                     :comment => '' }
         end
 
         it 'should send an email to the site contact address' do
author	Gareth Rees <gareth@mysociety.org>	2014-08-19 09:29:54 +0100
committer	Gareth Rees <gareth@mysociety.org>	2014-08-21 11:36:20 +0100
commit	64a1f148fedcf375a47f959edbdd4cab0170acea (patch)
tree	92f56b66317d9549cabf06fd6bc09c7736ebee6c /spec/controllers
parent	a4d343096231d62e8d91a1b23ba9e1997e9136c0 (diff)